<html>
<head>
<link rel="stylesheet" type="text/css" href="./style.css" />

<script type="text/javascript">
function matchPass(){
	var password1=document.forms["passChoose"]["password1"].value;
	var password2=document.forms["passChoose"]["password2"].value;
	
	if(password1!=password2){
		alert("Your password don't match");
		return false;
	}
	
	if(password1.length < 4 || password1.length > 20){
		alert("Your password must be between 4 and 20 characters long");
		return false;
	}
	
	if(password2.length < 4 || password2.length > 20){
		alert("Your password must be between 4 and 20 characters long");
		return false;
	}
	
}
</script>

</head>
<img style="margin-left:42%; text-align:center" src="./img/logo_txt_only.jpg" />
<div style="text-align:center;background-color:#d0ddcf;border: 1px solid #9CAA9C;width:300px;margin-left:40%;margin-left:40%;">
<?php

include('functions.php');

dbConnect();

$passValid = 'valid';


if(isset($_GET['register'])){

	
	$ver = $_GET['register'];
	
	$query = "SELECT ver, username, domain FROM vers WHERE ver='$ver'";
	
	$result = @mysql_query($query);
	
	$row = mysql_fetch_array($result, MYSQL_NUM);
	
	if($row){		
		
		$v = $row[0]; 

		$u = $row[1];

		$d = $row[2];
		
		echo '<b>Please choose a password</b><br />';
		
		echo 'Your password must be between 4 and 20 characters long, only requirement<br />';
		
		echo '<form name="passChoose" onsubmit="return matchPass()" action="passChoose.php" method="post">';
			echo '<input type="password" name="password1" value="password" /><br />';
			echo '<input type="password" name="password2" value="password" /><br />';
			echo '<input type="hidden" name="username" value="' . $u . '">';
			echo '<input type="hidden" name="domain" value="' . $d . '">';
			echo '<input type="hidden" name="ver" value="' . $v . '">';
			echo '<input type="hidden" name="passwordSubmitted" value="TRUE">';
			echo '<input type="submit" value="Login" />';
		echo '</form>';
		
	} else {
		echo 'We could not find your verification number';
	}
} else if(isset($_POST['passwordSubmitted'])){
		
		$p = $_POST['password1'];
		$p2 = $_POST['password2'];
		$u = $_POST['username'];
		$d = $_POST['domain'];
		$key = $_POST['ver'];
		$validPass = 'valid';
		
		
		if($p == $p2){
			$sql = "INSERT INTO users (id, username, password, domain, level, created, modified) VALUES (NULL, '$u', SHA('$p'), '$d', 'normal', NOW(), NOW())";

			$result = mysql_query($sql) or trigger_error("Query: $sql \n<br />MYSQL Error: " . mysql_error());

			$sql2 = mysql_query("DELETE FROM vers WHERE ver='$key'");

			echo $u . '@' . $d . ' Welcome to College Hustler, please <a href="' . getUrl() . 'login.php">Login</a>';
		} else {
			echo 'Your passwords did not match!';
			echo '<form action="passChoose.php" method="GET">';
			echo '<input type="hidden" name="register" value="TRUE" />';
			echo '<input type="hidden" name="key" value="' . $key . '" />';
			echo '<input type="submit" value="Try Again" />';
			echo '</form>';
		}
		
	

			


}

?>
</div>

<a style="margin-top:20px;margin-left:48%;text-align:center;color:black" href="<?= getUrl(); ?>">Return Home</a>

</html>